Security

Expert security suite reviews, firewalls, encryption, spam blockers, ad blockers and price comparisons on products from all the top brands

recruiting thinkstock
Black Hat 2015

vulnerable gdpr breach security cyber attack

GDPR is coming, and many organizations aren’t ready

Many firms still need to deploy security controls and implement solid incident response plans to meet the GDPR deadline in May

cyberwarfare defense illustration

The global cyber war is heating up: Why businesses should be worried

From NotPetya's global disruption to North Korea's digital plundering of financial institutions, state-sponsored cyber attacks should be top of mind for business leaders. Here's how to defend against them.

pirate flag pirates piracy

Flight simulator add-on used malware to steal pirates' passwords

Gamers are not happy that Flight Sim Labs added malware to the A320-X flight simulator add-on -- meant to be used with Microsoft Flight Simulator X and Prepar3D 3.0 -- in an effort to stop software pirates.

steal theft hacker crime laptop firewall

Sinovel Wind Group found guilty of IP theft valued at $800 million

While American Superconductor's data logs and stores were helpful in convicting Sinovel Wind Group of IP theft, a data loss prevention strategy could have identified the thieves' activities sooner.

03 cryptography

Why aren't we using SHA-3?

The Secure Hash Algorithm version 3 fixes flaws in the now-standard SHA-2 cipher. Here's how to prepare for a migration to SHA-3 when SHA-2 is inevitably compromised.

How Contrast Security protects applications from the inside out

Contrast Security has one of the most elegant solutions out there for application security. We can see why it scored 100 percent on the OWASP Security Benchmark.

securitysmart primary

Security Smart, Fall 2017: Password myths debunked!

From the editors of CSOonline.com Security Smart is a quarterly newsletter ready for distribution in your organization. We combine personal device and home safety tips with organizational security awareness, making security training...

abstract FinTech image of a dollar sign referencing digital transactions and potentially blockchain

Hackers exploit Jenkins servers, make $3 million by mining Monero

Hackers exploiting Jenkins servers made $3 million in one of the biggest malicious cryptocurrency mining operations ever.

north korea statue pyongyang

North Korea hacking group is expanding operations, researchers say

A group of hackers from North Korea (DPRK), recently connected to the usage of an Adobe Flash zero-day vulnerability (CVE-2018-4878), has expanded its operations in both scope and sophistication, FireEye says.

cat hiding box hide and seek

How to protect your network from PowerShell exploits

PowerShell is a powerful and versatile tool for both Windows sysadmins and hackers, who use it to build malicious scripts that avoid detection. This advice will make it harder for them to do so.

microsoft edge browser new size

Google discloses Microsoft Edge security flaw before it could be fixed

Microsoft failed to develop a fix within the 90-day disclosure deadline, so Google Project Zero researcher went public with the details of an ACG bypass on Microsoft Edge.

salted hash thumbnail final
video

Ransomware: Do you pay the ransom? | Salted Hash Ep 19

Robert Gibbons, CTO at Datto, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.

eye binary IDS Intrusion Detection System

What is an intrusion detection system (IDS)? A valued capability with serious management challenges

An IDS monitors network traffic, searching for suspicious activity and known threats and sending up alerts when it finds such items. The function remains critical in the modern enterprise, but maybe not as a standalone solution.

anti facebook primary

Facebook is sorry for text spamming 2FA users, blamed it on a bug

Facebook claimed a ‘bug’ was responsible for sending text spam to phone numbers provided by two-factor authentication (2FA) users.

nup 177120 0001

Security lessons from the 2018 Pyeongchang Winter Olympics

Shiny buttons that go "ping!" considered harmful.

What’s on CISOs Minds in 2018?

Business risk, the cyber supply chain, attackers, data security and awareness training top the list

European Union, EU

General Data Protection Regulation (GDPR) requirements, deadlines and facts

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

eye binary IDS Intrusion Detection System

Cyber espionage: China wants Japanese firms’ intellectual property

Cyber groups within China are targeting Japanese companies involved in heavy industry and national infrastructure as part of a multifaceted effort to create the Chinese strategic playbook.

Load More